VYPR

rpm package

almalinux/jackson-annotations

pkg:rpm/almalinux/jackson-annotations

Vulnerabilities (7)

  • CVE-2025-52999HigJun 25, 2025
    affected < 2.19.1-1.module_el8.10.0+4034+20822525fixed 2.19.1-1.module_el8.10.0+4034+20822525

    jackson-core contains core low-level incremental ("streaming") parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the de

  • CVE-2020-36518Mar 11, 2022
    affected < 2.14.2-1.module_el8.10.0+3791+e0637953fixed 2.14.2-1.module_el8.10.0+3791+e0637953

    jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

  • CVE-2019-17531Oct 12, 2019
    affected < 2.10.0-1.module_el8.5.0+2577+9e95fe00fixed 2.10.0-1.module_el8.5.0+2577+9e95fe00

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the

  • CVE-2019-16943Oct 1, 2019
    affected < 2.10.0-1.module_el8.5.0+2577+9e95fe00fixed 2.10.0-1.module_el8.5.0+2577+9e95fe00

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an att

  • CVE-2019-16942Oct 1, 2019
    affected < 2.10.0-1.module_el8.5.0+2577+9e95fe00fixed 2.10.0-1.module_el8.5.0+2577+9e95fe00

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and a

  • CVE-2019-16335Sep 15, 2019
    affected < 2.10.0-1.module_el8.5.0+2577+9e95fe00fixed 2.10.0-1.module_el8.5.0+2577+9e95fe00

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

  • CVE-2019-14540Sep 15, 2019
    affected < 2.10.0-1.module_el8.5.0+2577+9e95fe00fixed 2.10.0-1.module_el8.5.0+2577+9e95fe00

    A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.